Certificate

$ rpki-client -vvf rpki.afrinic.net/repository/afrinic/oe2rGs1DDP5KUfMdsYUNlaiEsUQ.cer
File:                     oe2rGs1DDP5KUfMdsYUNlaiEsUQ.cer (raw, json)
Hash identifier:          Ofz5PKcEsCCSWNi81/GmeBfiZw/55Y1un37e8Dz42Cc=
Subject key identifier:   A1:ED:AB:1A:CD:43:0C:FE:4A:51:F3:1D:B1:85:0D:95:A8:84:B1:44
Authority key identifier: 2B:57:89:7A:7C:A9:64:C3:C8:B7:F7:BD:DA:A7:A4:DA:34:A9:8F:80
Certificate issuer:       /CN=AFRINIC/serialNumber=2B57897A7CA964C3C8B7F7BDDAA7A4DA34A98F80
Certificate serial:       29DD
Authority info access:    rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
Manifest:                 rsync://rpki.afrinic.net/repository/member_repository/F366C302/763D829EFEE611EE904BCF6B017001B1/oe2rGs1DDP5KUfMdsYUNlaiEsUQ.mft
caRepository:             rsync://rpki.afrinic.net/repository/member_repository/F366C302/763D829EFEE611EE904BCF6B017001B1/
Notify URL:               https://rrdp.afrinic.net/notification.xml
Certificate not before:   Sat 20 Apr 2024 07:20:33 +0000
Certificate not after:    Mon 31 Mar 2025 00:00:00 +0000
Subordinate resources:    AS: 37628
                          IP: 154.65.12.0/22
                          IP: 2c0f:f4f0::/32

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 23 Nov 2024 08:48:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 10717 (0x29dd)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AFRINIC/serialNumber=2B57897A7CA964C3C8B7F7BDDAA7A4DA34A98F80
        Validity
            Not Before: Apr 20 07:20:33 2024 GMT
            Not After : Mar 31 00:00:00 2025 GMT
        Subject: CN=F366C302AF/serialNumber=A1EDAB1ACD430CFE4A51F31DB1850D95A884B144
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:94:5b:79:0f:ad:89:f5:11:a2:40:34:2a:fa:
                    cc:e1:97:18:0f:88:d8:35:88:40:5f:5e:bb:dd:05:
                    74:ac:8c:6c:b9:22:2c:d3:3f:d3:9d:e7:8c:9e:22:
                    d6:e6:78:48:36:0f:d6:65:dd:a8:87:b7:13:c9:40:
                    5a:29:40:b3:95:e1:01:fa:86:55:de:c2:62:db:c0:
                    ee:1a:c1:cc:06:1e:72:4d:0e:90:5a:f1:a3:53:0b:
                    eb:47:db:d1:c2:3a:24:b2:0b:ae:1e:89:83:fa:41:
                    d2:a5:38:d9:9e:c2:49:0c:2b:2e:1f:2a:ce:b2:ed:
                    31:7b:83:84:17:d7:c3:29:b2:af:28:f9:05:05:27:
                    69:f8:5c:99:2c:f2:56:0b:2a:f4:d2:fe:7e:77:ba:
                    d8:68:be:71:8b:71:ff:c8:47:fa:db:51:bd:17:ad:
                    35:dd:d7:a9:31:c5:82:46:a4:8b:d8:c9:64:66:f4:
                    35:e2:d6:6b:d5:1d:c1:66:63:60:24:db:96:87:54:
                    92:91:40:16:46:2c:e1:f9:d6:7e:ee:01:d0:54:c2:
                    aa:c9:e1:75:a4:b6:e0:89:47:8d:67:e8:bb:c6:1f:
                    3e:4a:cc:95:8f:c3:39:a9:8f:22:a3:f9:3e:14:91:
                    cd:5a:e4:09:ca:ec:fb:b0:fc:54:54:4e:63:87:3c:
                    c7:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A1:ED:AB:1A:CD:43:0C:FE:4A:51:F3:1D:B1:85:0D:95:A8:84:B1:44
            X509v3 Authority Key Identifier:
                keyid:2B:57:89:7A:7C:A9:64:C3:C8:B7:F7:BD:DA:A7:A4:DA:34:A9:8F:80

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.afrinic.net/repository/member_repository/F366C302/763D829EFEE611EE904BCF6B017001B1/
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
                RPKI Manifest - URI:rsync://rpki.afrinic.net/repository/member_repository/F366C302/763D829EFEE611EE904BCF6B017001B1/oe2rGs1DDP5KUfMdsYUNlaiEsUQ.mft

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  37628

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.65.12.0/22
                IPv6:
                  2c0f:f4f0::/32

    Signature Algorithm: sha256WithRSAEncryption
         09:f4:76:79:1c:45:e7:60:59:a6:61:b0:b6:10:cc:5e:e3:eb:
         01:6c:82:e4:86:d5:61:fa:6f:84:8b:af:52:33:57:dd:a4:08:
         ce:5e:03:cd:9b:e3:d3:03:26:13:ed:53:e2:dd:42:db:7d:0d:
         90:bf:5f:54:5c:d1:f1:57:51:d3:55:c6:e1:2f:73:6a:6b:2d:
         74:46:b7:99:e9:7c:65:79:3c:d8:8d:dd:00:d5:16:07:f4:d8:
         e1:ed:01:e1:cf:e0:c1:a9:79:1f:93:3d:2a:c8:39:b9:e6:6a:
         69:84:bb:a8:da:64:11:c6:37:4b:e8:eb:55:46:71:f9:98:46:
         8d:21:84:40:57:be:ab:da:c1:b5:db:bb:1b:03:7b:88:82:ad:
         dd:12:bb:f0:52:f1:7d:1d:06:0d:0c:d2:91:0c:4a:37:a6:db:
         a9:41:ca:1b:59:f0:66:66:24:b9:7e:80:07:66:f4:bb:cd:9d:
         8a:72:15:32:29:26:e9:7e:4d:e7:81:65:e6:9a:0e:c4:fe:c5:
         0b:86:13:df:32:eb:c9:48:0f:69:99:b8:fd:d6:12:c8:c0:df:
         38:73:0b:ba:82:6e:07:f3:5a:7e:17:79:9a:1e:b2:e2:71:b3:
         b0:55:b1:53:4b:ff:5a:34:8a:f4:26:14:3a:ca:25:41:65:81:
         bf:fa:93:1d
-----BEGIN CERTIFICATE-----
MIIGJTCCBQ2gAwIBAgICKd0wDQYJKoZIhvcNAQELBQAwRTEQMA4GA1UEAxMHQUZS
SU5JQzExMC8GA1UEBRMoMkI1Nzg5N0E3Q0E5NjRDM0M4QjdGN0JEREFBN0E0REEz
NEE5OEY4MDAeFw0yNDA0MjAwNzIwMzNaFw0yNTAzMzEwMDAwMDBaMEgxEzARBgNV
BAMTCkYzNjZDMzAyQUYxMTAvBgNVBAUTKEExRURBQjFBQ0Q0MzBDRkU0QTUxRjMx
REIxODUwRDk1QTg4NEIxNDQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQColFt5D62J9RGiQDQq+szhlxgPiNg1iEBfXrvdBXSsjGy5IizTP9Od54yeItbm
eEg2D9Zl3aiHtxPJQFopQLOV4QH6hlXewmLbwO4awcwGHnJNDpBa8aNTC+tH29HC
OiSyC64eiYP6QdKlONmewkkMKy4fKs6y7TF7g4QX18Mpsq8o+QUFJ2n4XJks8lYL
KvTS/n53uthovnGLcf/IR/rbUb0XrTXd16kxxYJGpIvYyWRm9DXi1mvVHcFmY2Ak
25aHVJKRQBZGLOH51n7uAdBUwqrJ4XWktuCJR41n6LvGHz5KzJWPwzmpjyKj+T4U
kc1a5AnK7Puw/FRUTmOHPMc7AgMBAAGjggMaMIIDFjAdBgNVHQ4EFgQUoe2rGs1D
DP5KUfMdsYUNlaiEsUQwHwYDVR0jBBgwFoAUK1eJenypZMPIt/e92qek2jSpj4Aw
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wXAYDVR0fBFUwUzBRoE+g
TYZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZyaW5pYy9L
MWVKZW55cFpNUEl0X2U5MnFlazJqU3BqNEEuY3JsMG8GCCsGAQUFBwEBBGMwYTBf
BggrBgEFBQcwAoZTcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkv
MDRFOEIwRDgwRjREMTFFMEI2NTdEODkzMTM2N0FFN0QvYWZyaW5pYy1jYS5jZXIw
TwYDVR0gAQH/BEUwQzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczov
L3Jwa2kuYWZyaW5pYy5uZXQvcG9saWN5L0NQUy5wZGYwggFFBggrBgEFBQcBCwSC
ATcwggEzMGwGCCsGAQUFBzAFhmByc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVw
b3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9yeS9GMzY2QzMwMi83NjNEODI5RUZFRTYx
MUVFOTA0QkNGNkIwMTcwMDFCMS8wNQYIKwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5h
ZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIGLBggrBgEFBQcwCoZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NkMzMDIvNzYzRDgyOUVGRUU2MTFFRTkwNEJDRjZCMDE3MDAxQjEvb2Uyckdz
MUREUDVLVWZNZHNZVU5sYWlFc1VRLm1mdDAaBggrBgEFBQcBCAEB/wQLMAmgBzAF
AgMAkvwwLgYIKwYBBQUHAQcBAf8EHzAdMAwEAgABMAYDBAKaQQwwDQQCAAIwBwMF
ACwP9PAwDQYJKoZIhvcNAQELBQADggEBAAn0dnkcRedgWaZhsLYQzF7j6wFsguSG
1WH6b4SLr1IzV92kCM5eA82b49MDJhPtU+LdQtt9DZC/X1Rc0fFXUdNVxuEvc2pr
LXRGt5npfGV5PNiN3QDVFgf02OHtAeHP4MGpeR+TPSrIObnmammEu6jaZBHGN0vo
61VGcfmYRo0hhEBXvqvawbXbuxsDe4iCrd0Su/BS8X0dBg0M0pEMSjem26lByhtZ
8GZmJLl+gAdm9LvNnYpyFTIpJul+TeeBZeaaDsT+xQuGE98y68lID2mZuP3WEsjA
3zhzC7qCbgfzWn4XeZoesuJxs7BVsVNL/1o0ivQmFDrKJUFlgb/6kx0=
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:09:23 2024 by rpki-client on console-ams.rpki-client.org